Dependability
Did you ever miss an important date because your car failed on the road, or lost your work because your laptop broke down or just missed the end of a good movie because your TV screen went dark? If the answer is “yes” you may wonder what is done to make sure that products are reliable and these things do not happen too often. Any product - such as a car, a laptop or a satellite – is generally expected to work successfully for a required period of time.
It is the responsibility of dependability engineers to ensure, as much as possible, that products are reliable and function as expected (for example over 100.000 kilometres in the case of a car, 50.000 hours for a laptop, or the multi-year duration of a space mission), or work when needed and can be repaired after failure.
In the space domain, dependability engineers put their efforts to ensure for example that the satellite on-board computers are reliable, weather maps are available to the news (such as from the Meteosat satellites), and on-ground infrastructure required to operate and control in orbit satellites can be repaired in case of failure.
What is the Dependability domain?
Dependability covers the engineering disciplines Reliability, Availability and Maintainability. Reliability is focused on the capability to function without interruption, Availability is the ability to operate when needed and Maintainability refers to the easiness of repairing/replacingor upgrading the product.
Ensuring dependability is always a trade-off with other and mostly conflicting requirements such as safety, security, mass, cost, schedule, etc. For example, one possible way to increase reliability is to have the same function being performed by two equal but independent systems which in the end results in a final product with a higher mass.
Dependability and safety within ESA are integrated disciplines covering satellites (hardware, software), as well as ground infrastructure and operations (human aspects). It encompasses many areas of expertise and scientific knowledge throughout the life cycle phases of a space project.
Why is Dependability important?
There are no second chances in space missions. Getting something wrong has expensive and potentially unrecoverable consequences, especially as post-launch repairs are often impossible to carry out. The above constraints, together with the current trend of increased autonomy of space systems and the rapid and unpredictable rate of technological change, raises new challenges for dependability.
Unlike the aviation industry, the space industry can not typically follow the ‘fly-fix-fly’ approach. In fact, space programs are expected to work in one-shot, and thus imposing stringent dependability requirements. There are only a handful of exceptions to this approach, such as the shared NASA-ESA mission – the Hubble Space Telescope. Launched in 1990, Hubble continues to perform due not only to its robustness and built-in reliability but also to the new instrumentation installed during four servicing missions with the Space Shuttle.
Dependability is therefore an essential aspect in any space project and one of the key contributions to the overall quality of the final product. However it is not always perceived as such, due to schedule, cost, mass, volume and other constraints on projects. A dependability programme does not generate physical products like a breadboard or a solar panel. The outputs are essentially recommendations on design trade-offs, a statement of risk, a procurement choice, identification of potential design weaknesses, and so on. However, designing a space product without regard to dependability issues jeopardizes mission success and may lead to catastrophic consequences. Experience shows that mission failures are always more costly than proactive investments into quality, dependability and safety assurance.